directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sean Kelly (JIRA)" <>
Subject [jira] [Created] (DIRSERVER-1734) ads-certificatePassword syntax far too restrictive for actual passwords
Date Thu, 05 Jul 2012 23:20:34 GMT
Sean Kelly created DIRSERVER-1734:

             Summary: ads-certificatePassword syntax far too restrictive for actual passwords
                 Key: DIRSERVER-1734
             Project: Directory ApacheDS
          Issue Type: Bug
          Components: core
    Affects Versions: 2.0.0-M7
         Environment: CP/M-86 Java 7 on PDP-11
            Reporter: Sean Kelly
             Fix For: 2.0.0-RC1

The password for my keystore happens to be "ec7!J>;;x".

However, specifying that value in my config.ldif as {{ads-certificatePassword: ec7!J>;;x}}
results in a startup failure:

[18:08:12] WARN [] - The attribute
'ads-certificatepassword' cannot be stored ERR_04447_CANNOT_NORMALIZE_VALUE
Cannot normalize the wrapped value ERR_04473_NOT_VALID_VALUE Not a valid value 'ec7!J>;;x'
for the AttributeType 'ATTRIBUTE_TYPE (
 NAME 'ads-certificatePassword'
 DESC The certificate passord
 EQUALITY caseExactMatch
 ORDERING caseExactOrderingMatch
 SUBSTR caseExactSubstringsMatch
 USAGE userApplications

Apparently the {{ads-certificatePassword}} property's syntax is,
which, sadly, is far too restrictive for actual in-use passwords.

I recommend changing the syntax to something a bit more permissive.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:!default.jspa
For more information on JIRA, see:


View raw message